CVE-2023-27997: Fortinet FortiOS 및 FortiProxy SSL-VPN에 힙 기반 버퍼 오버플로우 (XORtigate)
Fortinet says a critical flaw in its SSL-VPN product may have been exploited in the wild in a limited number of cases. Organizations are strongly encouraged to apply these patches immediately....
Tenable Cyber Watch: 6개의 사이버 보안 관한 중요하지만 일반적인 오해, IAM 보안을 향상하는 모범 사례 등
This week’s edition of the Tenable Cyber Watch unpacks the six most critical and common cyber misconceptions and shares tips on how to better distribute software bills of materials. Also covered: the best practices to boost IAM security from CISA and the NSA. ...
사이버 보안 스냅샷: 자체 ChatGPT를 만들기? AI 모델의 보안 위험을 피하는 방법 배우기
Find out why cyber teams must get hip to AI security ASAP. Plus, check out the top risks of ChatGPT-like LLMs. Also, learn what this year’s Verizon DBIR says about BEC and ransomware. Plus, the latest trends on SaaS security. And much more!...
Mastering the Art of Kubernetes Security
With Kubernetes’ explosive adoption by the development community comes an urgent need to secure clusters and ensure their compliance effectively....
위험 노출 관리에 대해 자세히 알아보시겠습니까? 이 Gartner® 보고서를 확인해보십시오
At Tenable, we believe that you need exposure management to protect your modern attack surface. But it’s not just us. We feel the Gartner “Predicts 2023: Enterprises Must Expand from Threat to Exposure Management” report is required reading for cybersecurity teams adopting an exposure management pro...
Tenable Cyber Watch: 중국의 ‘Volt Typhoon’이 미국의 중요 인프라를 표적, BEC 공격 증가 등
This week’s edition of the Tenable Cyber Watch unpacks the White House’s updates to its National AI R&D Strategic Plan and addresses the recent surge in business email compromise scams. Also covered: CISA’s warning about Volt Typhoon, the hackers backed by the Chinese government that have been targe...
CVE-2023-34362: MOVEIt에서 무차별적으로 악용되는 위험한 제로데이 취약성을 전송
Discovery of a new zero-day vulnerability in MOVEit Transfer becomes the second zero-day disclosed in a managed file transfer solution in 2023, with reports suggesting that threat actors have stolen data from a number of organizations....
사이버 보안 스냅샷: AI가 우리 모두를 멸망시킬 것인? ID 보안을 향상하는 방법 클라우드 보안을 위한 프레임워크를 사용하십니까?
Check out a hair-raising warning from AI experts. Plus, find out why securing identities is getting harder than ever – and how to fix it. Also, how a cloud security framework can help you – a lot. In addition, check out nifty SaaS security tips. And much more!...
Tenable Cyber Watch: OpenAI CEO Testifies Before Congress; Meet DarkBERT, New AI Trained on the Dark Web; and more
This week’s edition of the Tenable Cyber Watch unpacks Sam Altman’s testimony before Congress on AI risks and regulations, and addresses the importance of cyberattack victims speaking up after an attack. Also covered: An introduction to DarkBERT, the only AI trained on the Dark Web. ...
사이버 보안 스냅샷: 엔터프라이즈 사이버 리더가 ChatGPT 야수를 길들일 수 있는 방법
Check out a guide written for CISOs by CISOs on how to manage the risks of using generative AI in your organization. Plus, the White House unveils an updated national AI strategy. Also, a warning about a China-backed attacker targeting U.S. critical infrastructure. And much more!...
Volt Typhoon: 국제적 사이버 보안 기관이 중국 국가 주도 위협 행위자에 연결된 활동에 대해 자세히 설명
Several international cybersecurity authorities from the United States, United Kingdom, Australia, Canada and New Zealand issue a joint advisory detailing tactics, techniques and procedures used in recent attacks by a Chinese state-sponsored threat actor....
Tenable Announces Support for Microsoft Azure Linux: A New Way to Achieve Secure Container Development
With the launch of Azure Linux container host for Azure Kubernetes Service, Microsoft enters the open-source Linux distribution container sphere with enhanced security Kubernetes experience. In this blog, we explain key features of Azure Linux and how Tenable can support the security needs of Micros...
